updates

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2475 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2011-09-03 14:17:42 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2011-09-03 14:17:42 +0000
commit: 50c4556b5fbd49d8be4cce3cd3af39c55df3f6e7 (patch)
tree: a7f50b339de15c3603db42cfa40f0ce090e324d5
parent: 18e511c2d28be65276aa7bfda0fa09a1d9cb513f (diff)
1 files changed, 14 insertions, 5 deletions
diff --git a/dsa-texts/2.6.32-35squeeze1 b/dsa-texts/2.6.32-35squeeze1
index 631bc95e..b66d5ce5 100644
--- a/dsa-texts/2.6.32-35squeeze1
+++ b/dsa-texts/2.6.32-35squeeze1
@@ -38,19 +38,26 @@ CVE-2011-2491
 
 CVE-2011-2492 
 
-    foo
+    Marek Kroemeke and Filip Palian discovered that uninitialised struct
+    elements in the Bluetooth subsystem could lead to the information
+    through leaked stack memory.
+    
 
 CVE-2011-2495 
 
-    foo
+    Vasiliy Kulikov of Openwall discovered that the io file of a process'
+    proc directory was world-readable, resulting in local information disclosure
+    of information like password lengths.
 
 CVE-2011-2496 
 
-    foo
+    Robert Swiecki discovered that mremap() could be abused for local denial of
+    service by triggering a BUG_ON assert.
 
 CVE-2011-2497
 
-    foo
+    Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which
+    could lead to denial of service or privilege escalation.
 
 CVE-2011-2517 
 
@@ -81,7 +88,9 @@ CVE-2011-2905
 
 CVE-2011-2909 
 
-    foo
+    Vasiliy Kulikov of Openwall discovered that a programming error in
+    the Comedi driver could lead to the information disclosure through 
+    leaked stack memory.
 
 CVE-2011-2918
author	Moritz Muehlenhoff <jmm@debian.org>	2011-09-03 14:17:42 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2011-09-03 14:17:42 +0000
commit	50c4556b5fbd49d8be4cce3cd3af39c55df3f6e7 (patch)
tree	a7f50b339de15c3603db42cfa40f0ce090e324d5
parent	18e511c2d28be65276aa7bfda0fa09a1d9cb513f (diff)